
hackerfantastic.crypto

@hackerfantastic.bsky.social

Co-Founder https://hacker.house cyber security assurance & hacker training ~ ISBN9781119561453 ~ a book on professional hacking. Contact for competitive quotes on cyber security projects.

1,101 Followers  |  47 Following  |  36 Posts  |  Joined: 08.06.2023  |  1.9357

Latest posts by hackerfantastic.bsky.social on Bluesky

US sanctions firm linked to cyber scams behind $200 million in losses

The U.S. Treasury Department has sanctioned Funnull Technology, a Philippines-based company that supports hundreds of thousands of malicious websites behind cyber scams linked to over $200 million in losses for Americans.

29.05.2025 11:42 — 👍 8    🔁 5    💬 0    📌 0

looks like an airplane banner that got loose.

29.05.2025 16:06 — 👍 2    🔁 0    💬 1    📌 0

Exploiting MS-TNAP, 1-click, no prompts.

05.05.2025 19:41 — 👍 1    🔁 0    💬 0    📌 0

Explore our detailed Telnet vulnerability research:

📌 Guest Bypass: github.com/hackerhouse-...

📌 Mutual Auth: github.com/hackerhouse-...

📌 Telnet Client MS-TNAP PoC: github.com/hackerhouse-...

#HackerHouse

05.05.2025 16:51 — 👍 1    🔁 0    💬 0    📌 0

We released three advisories on Microsoft Telnet Server & Client, targeting MS-TNAP vulnerabilities.

1️⃣ Guest Restriction Bypass (CVSS 7.5)

2️⃣ MS-TNAP Mutual Auth Protocol Issue: Non-exploitable config/protocol issue.

3️⃣ Telnet Client PoC: Exposes MS-TNAP risks e.g. phishing.

#Cybersecurity

05.05.2025 16:51 — 👍 0    🔁 0    💬 1    📌 0

Microsoft Telnet Client MS-TNAP Server-Side Authentication Token Exploit github.com/hackerhouse-...

05.05.2025 16:41 — 👍 2    🔁 2    💬 0    📌 0

Not every bug can be a vulnerability and not every vulnerability can be exploited, the MS-TNAP issue I describe exists within the protocol for Telnet authentication using NTLM and partially in the Telnet Server code, but was not fully implemented by Microsoft. PoCs are available for both issues.

30.04.2025 20:17 — 👍 1    🔁 0    💬 0    📌 0

Hacker House exposes flaws in Microsoft Telnet Server! Two advisories reveal a high-severity Guest Access Bypass (CVSS 7.5) in MS-TNAP, risking unauthorized access on Windows 2000 to Server 2008 R2, and an unexploitable NTLM mutual auth issue github.com/hackerhouse-... & github.com/hackerhouse-...

30.04.2025 20:17 — 👍 1    🔁 0    💬 1    📌 0
28.04.2025 22:40 — 👍 1    🔁 0    💬 0    📌 0

Interesting that the cyberbeat journalists wrote multiple news articles about a fake exploit of this recent bug. It's fine though, I almost fell for this AI generated crap too, just like the fake TaskScheduler UAC Bypass you all wrote about. ;-) cyberdom.blog/abusing-the-...

24.04.2025 15:06 — 👍 0    🔁 0    💬 0    📌 0

have you tried turning it off and on again?

24.04.2025 15:02 — 👍 0    🔁 0    💬 1    📌 0

"MSRC didn’t consider a single report as a vulnerability." - is something I agree with, you need the Administrator password to leverage this and whilst Task Scheduler is awesome and tons of fun - you need some kind of boundary violation for this to be an issue. "I have the password" is not one.

22.04.2025 15:47 — 👍 0    🔁 0    💬 0    📌 0

It reads to me as a surface-level analysis of the Task Scheduler implementation with the remarkable realization that "Task Scheduler can run Tasks as other users!" 🫢 - I enjoyed the write up but this is a very misleading post.

22.04.2025 15:43 — 👍 1    🔁 0    💬 1    📌 0
Task Scheduler– New Vulnerabilities for schtasks.exe UAC bypass, metadata poisoning, and log overflow vulnerabilities in Windows Task Scheduler reveal new tactics for defense evasion and privilege escalation

I found this article interesting, but it isn't technically a UAC bypass - if you have the Administrator username and password, you can authenticate to the host via TaskScheduler by design. The other vulnerabilities were also not really of any value to an attacker. cymulate.com/blog/task-sc...

22.04.2025 15:42 — 👍 1    🔁 0    💬 1    📌 0
DHS Secretary Noem’s purse stolen at Easter dinner with family in D.C. The theft occurred as Homeland Security Secretary Kristi L. Noem dined with her extended family at the Capital Burger on Seventh Street NW, people familiar with the incident said.

Department of Homeland Security Secretary Kristi L. Noem’s purse was stolen from a downtown Washington restaurant Sunday night, with her passport, DHS badge and about $3,000 cash inside, the department confirmed Monday.

21.04.2025 23:58 — 👍 724    🔁 123    💬 360    📌 74

I was conversing, you unthreaded my comment which is just sad to see.

22.04.2025 14:51 — 👍 0    🔁 0    💬 0    📌 0

I often discuss in my talks about how political bias influences and shapes the technology we build and use. The "underground" of computing technology has typically been right of center which is where many interesting protocols have come from. Internet is healing and people are free to speak again.

22.04.2025 14:46 — 👍 0    🔁 0    💬 0    📌 0

Political-bias on BlueSky is largely left-leaning, it's a comment that "verification" is just an extension of those political biases on display where those who ascribe to particular agendas and ideologies leverage institutions and systems as power in the society.

22.04.2025 14:44 — 👍 0    🔁 0    💬 2    📌 0

This morning Minnesota Republicans introduced a bill banning mRNA vaccines and labeling them "weapons of mass destruction." It would make manufacturing, possessing or administering them a crime punishable by up to 20 years in prison. www.revisor.mn.gov/bills/bill.p...

21.04.2025 20:01 — 👍 989    🔁 456    💬 150    📌 303

Those who ascribe to extreme-left "woke" ideology.

22.04.2025 14:12 — 👍 0    🔁 0    💬 1    📌 0

The woke do love assigning themselves perceived authority over others.

22.04.2025 14:04 — 👍 0    🔁 0    💬 1    📌 0
facedancer/examples/camera.py at rawgadget2 · zhuowei/facedancer Fork of https://github.com/xairy/Facedancer/tree/rawgadget with patches for testing CVE-2024-53197 - zhuowei/facedancer

Zhuowei Zhang released POC code for CVE-2024-53104, a zero-day used by Cellebrite to unlock Android devices

- patched in February
- used by Serbian law enforcement to unlock the phones of anti-government protesters and journalists

github.com/zhuowei/face...

22.04.2025 11:20 — 👍 10    🔁 6    💬 0    📌 0

Mikrotik "opensesame" SNMP backdoor. Tutorial on how to create a backdoor modelled on EXTRABACON that resets the admin password using a UDP packet (SNMPset) as a post-exploitation technique. github.com/hackerhouse-...

17.04.2025 19:55 — 👍 3    🔁 1    💬 1    📌 0

Exploitation of CVE-2025-21204. Low-privileged user creates an "inetpub" and populates with content. Administrator later installs IIS (logic bomb). The attacker's malicious IIS data is still available, executes code under IIS privileges resulting in an LPE. KB/patches do stuff too

17.04.2025 01:21 — 👍 2    🔁 2    💬 1    📌 1
This ‘College Protester’ Isn’t Real. It’s an AI-Powered Undercover Bot for Cops Massive Blue is helping cops deploy AI-powered social media bots to talk to people they suspect are anything from violent sex criminals all the way to vaguely defined “protesters.”

NEW: A secretive surveillance company is building "AI persona" bots for cops intended to gather evidence on people. Personas include "college protesters," "radicalized" divorced moms, children. We have docs that shows how it works and what cops can do with it:

www.404media.co/this-college...

17.04.2025 13:43 — 👍 824    🔁 498    💬 34    📌 96

Was this exploited by "BadIIS"? Not to my knowledge, but who cares? This fix isn't a good solution as anytime a privileged user or system owner removes "inetpub" they re-expose themselves to this CVE. It's a fix, but an easy one to accidentally undo by careless Admins.

17.04.2025 01:21 — 👍 1    🔁 0    💬 0    📌 0

Forcefully creating the "inetpub" folder prevents an attacker compromising a host pre-deployment, during deployment or a machine that at a later stage has IIS setup or configured - giving them the ability to pollute the web content when they would otherwise have no access to do so

17.04.2025 01:21 — 👍 1    🔁 0    💬 1    📌 0
VirusTotal

www.virustotal.com/gui/file-ana...

16.04.2025 14:32 — 👍 1    🔁 0    💬 0    📌 0
